28
Kamaljit Singh, System Architect,
IDEMIA
Kamaljit Singh has been associated
with IDEMIA for the past three years.
He is an IT professional with a Masters
of Computer Applications, and has over
thirteen years of experience. He worked
for various MNCs such as Smart Chip,
Samsung Electronics, Kochar Infotech, and
IDEMIA. He has expertise in technologies
like security of IoT devices, smart cards,
embedded solutions, mobility solutions,
and cloud-based solutions.
To design secure Internet of Things (IoT) devices, engineers must consider the
security of the IoT device itself, the security of the IoT network in which device
communications occur, and the security of servers on which IoT data is stored.
When planning a secure IoT design, Kamaljit Singh, System Architect at IDEMIA,
emphasizes the importance of considering the device use case first. "Security
comes with a cost," he says. "Whenever we build security into a device, the cost
of that device increases. A connected coffee machine may not need the same
level of security as a connected device in an automobile. The level of security you
apply totally depends on the use case."
In the context of a device's use case, four aspects of security affect device design:
Securing data on the device. There are several approaches to protecting data on
a device from unauthorized access by a person or software. The most common
methods include isolating sensitive data in a protected zone on the device and
using a separate component to isolate sensitive data and data operations.
In the first instance, sensitive data is stored in a software-defined trusted zone
on the device, separate from data keys. "Whenever we want to perform an
operation, we pass the particular key ID to the crypto-engine available on that
"If you don't have a secure boot mechanism inside that device,
then every other security measure will fail. There is no use having
any security on the device if you don't have secure boot."
IoT Security Begins with Secure Boot
